Apple iOS/iPadOS up to 13.7 Font out-of-bounds read


A vulnerability, which was classified as problematic, has been found in Apple iOS and iPadOS up to 13.7 (Smartphone Operating System). Affected by this issue is an unknown code block of the component Font Handler. Upgrading to version 14.0 eliminates this vulnerability.

| Field | 04/03/2021 10:37 AM | 04/08/2021 03:19 PM |
|---|---|---|
| vendor | Apple | Apple |
| name | iOS/iPadOS | iOS/iPadOS |
| version | <=13.7 | <=13.7 |
| component | Font Handler | Font Handler |
| cwe | 125 (information disclosure) | 125 (information disclosure) |
| risk | 1 | 1 |
| cvss3_vuldb_av | N | N |
| cvss3_vuldb_ac | L | L |
| cvss3_vuldb_pr | N | N |
| cvss3_vuldb_ui | R | R |
| cvss3_vuldb_s | U | U |
| cvss3_vuldb_c | L | L |
| cvss3_vuldb_i | N | N |
| cvss3_vuldb_a | N | N |
| cvss3_vuldb_rl | O | O |
| cvss3_vuldb_rc | C | C |
| identifier | HT211850 | HT211850 |
| url | https://support.apple.com/en-us/HT211850 | https://support.apple.com/en-us/HT211850 |
| name | Upgrade | Upgrade |
| upgrade_version | 14.0 | 14.0 |
| cve | CVE-2020-29639 | CVE-2020-29639 |
| date | 1617400800 (04/03/2021) | 1617400800 (04/03/2021) |
| type | Smartphone Operating System | Smartphone Operating System |
| cvss2_vuldb_av | N | N |
| cvss2_vuldb_ac | L | L |
| cvss2_vuldb_au | N | N |
| cvss2_vuldb_ci | P | P |
| cvss2_vuldb_ii | N | N |
| cvss2_vuldb_ai | N | N |
| cvss2_vuldb_rc | C | C |
| cvss2_vuldb_rl | OF | OF |
| cvss2_vuldb_e | ND | ND |
| cvss3_vuldb_e | X | X |
| cvss2_vuldb_basescore | 5.0 | 5.0 |
| cvss2_vuldb_tempscore | 5.0 | 4.4 |
| cvss3_vuldb_basescore | 4.3 | 4.3 |
| cvss3_vuldb_tempscore | 4.3 | 4.1 |
| cvss3_meta_basescore | 4.3 | 4.3 |
| cvss3_meta_tempscore | 4.3 | 4.1 |
| price_0day | $25k-$100k | $25k-$100k |
| price_trend | + | + |
| cve_assigned | 1607382000 |
| cve_nvd_summary | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted font may result in the disclosure of process memory. |
